缓冲区溢出漏洞挖掘分析及利用的研究

计算机科学 ›› 2013, Vol. 40 ›› Issue (11): 143-146.

缓冲区溢出漏洞挖掘分析及利用的研究

史飞悦,傅德胜

南京信息工程大学南京210044;南京信息工程大学南京210044

出版日期:2018-11-16 发布日期:2018-11-16
基金资助:
本文受江苏省自然科学研究计划基金(11KJB520011)资助

Research of Buffer Overflow Vulnerability Discovering Analysis and Exploiting

SHI Fei-yue and FU De-sheng

Online:2018-11-16 Published:2018-11-16

摘要/Abstract

摘要： 当前,软件安全漏洞问题日趋严重,缓冲区溢出漏洞仍然是影响当前网络与分布式系统安全的主要问题之一。对缓冲区溢出漏洞进行挖掘分析以及利用的研究对于系统软件安全有着重要的意义。首先对缓冲区溢出原理以及漏洞挖掘分析与利用技术进行分析总结。然后提出了一种动静态分析相结合的漏洞挖掘分析方法,并采用此方法对微软Office漏洞进行挖掘分析,呈现了一个完整的漏洞挖掘分析过程。最后在理论与技术的基础上,在Windows平台下实现了漏洞挖掘分析系统VulAs,用于辅助漏洞挖掘分析工作,并验证了系统的准确性与有效性。

关键词: 漏洞,缓冲区溢出,漏洞挖掘分析,Shellcode,Vulas

Abstract: Currently,the problem of software security vulnerability becomes worse,and buffer overflow vulnerability still affects the current network and distributed system security．So it is very important to research the buffer overflow vulnerability discovering analysis and exploiting for the security of system software．In the paper,first of all,principle of buffer overflow and vulnerability discovering analysis and utilization techniques were discussed．Then one method of static analysis combined with the dynamic analysis of vulnerability discovering analysis was proposed,and a complete vulnerability discovering analysis process was presented,and the availability and effectiveness of the method were verified by actual Microsoft Office vulnerability．Finally,on the basis of the theory and technology,vulnerability discovering analysis system-VulAs was designed and realized under the Windows platform to assist the discovering and analysis of vulnerability,and the effectiveness of the tool was verified.

Key words: Vulnerability,Buffer overflow,Vulnerability discovering analysis,Shellcode,Vulas

史飞悦,傅德胜. 缓冲区溢出漏洞挖掘分析及利用的研究[J]. 计算机科学, 2013, 40(11): 143-146. https://doi.org/

SHI Fei-yue and FU De-sheng. Research of Buffer Overflow Vulnerability Discovering Analysis and Exploiting[J]. Computer Science, 2013, 40(11): 143-146. https://doi.org/

参考文献

[1] Aleph One．Smashing The Stack For Fun And Profit [J]．Phrack,1996,7(49)
[2] 邓爽．缓冲区溢出攻击分析及防范策略研究[D]．济南:山东大学,2009
[3] 李毅超,刘丹,韩宏,等．缓冲区溢出漏洞研究与进展[J]．计算机科学,2008,35(1):87-89,125
[4] 林志强,夏耐,茅兵,等．缓冲区溢出研究综述[J]．计算机科学,2004,31(9):110-113,0
[5] 王业君,倪惜珍,文伟平,等．缓冲区溢出攻击原理与防范的研究[J]．计算机应用研究,2005,22(10):101-104
[6] 2011年我国互联网网络安全态势综述[EB/OL]．http://www.cert.org.cn/UserFiles/File/201203192011annualreport.pdf
[7] 彭青白．缓冲区溢出漏洞的挖掘与利用方法研究[D]．武汉:华中科技大学,2009
[8] Voas J M,McGraw G．Software Fault Injection:Inoculating Programs Against Errors[M]．John Wiley and Sons,New York,1998
[9] DaveAitel．TheAdvantages of Block-Based ProtocolAnalysis for Security Testing[R]．Immunity,Inc．,2003
[10] AutoDafe[EB/OL]．http://autodafe．sourceforge.net,http://autodafe.sourceforge.net/docs/autodafe.pdf
[11] Oulu University Secure Programming Group．PROTOS Test-Suite:c06-snmpv1[R]．University of Oulu,Electrical and Information Engineering,2002
[12] BeyondSecurity．beStrom[EB/OL]．http://www.beyondsecurity.com/bestorm_whitepaper.html
[13] 刘奇旭,张玉清．基于 Fuzzing 的 TFTP 漏洞挖掘技术[J]．计算机工程,2007,33(20):142-147
[14] 李伟明,张爱芳,刘建财,等．网络协议的自动化模糊测试漏洞挖掘方法[J]．计算机学报,2011,34(2):242-255
[15] 杨丁宁,肖晖,张玉清．基于Fuzzing的ActiveX控件漏洞挖掘技术研究[J]．2012,49(7):1525-1532
[16] Kkqq,bugscam Analysis[J]．绿盟安全月刊,2004(46)

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed